CN1690913A - Metering accessing of content in a content protection system or its analog - Google Patents

Metering accessing of content in a content protection system or its analog Download PDF

Info

Publication number
CN1690913A
CN1690913A CNA2005100667073A CN200510066707A CN1690913A CN 1690913 A CN1690913 A CN 1690913A CN A2005100667073 A CNA2005100667073 A CN A2005100667073A CN 200510066707 A CN200510066707 A CN 200510066707A CN 1690913 A CN1690913 A CN 1690913A
Authority
CN
China
Prior art keywords
continuous data
inquiry
mid
response
client computer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA2005100667073A
Other languages
Chinese (zh)
Other versions
CN100442194C (en
Inventor
B·B·卡特
B·P·埃文斯
C·P·斯特罗姆
M·J·帕克斯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Technology Licensing LLC
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp filed Critical Microsoft Corp
Publication of CN1690913A publication Critical patent/CN1690913A/en
Application granted granted Critical
Publication of CN100442194C publication Critical patent/CN100442194C/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
    • G06Q50/06Electricity, gas or water supply
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2135Metering
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10TECHNICAL SUBJECTS COVERED BY FORMER USPC
    • Y10STECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10S707/00Data processing: database and file management or data structures
    • Y10S707/99941Database schema or data structure
    • Y10S707/99944Object-oriented database structure
    • Y10S707/99945Object-oriented database structure processing
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10TECHNICAL SUBJECTS COVERED BY FORMER USPC
    • Y10STECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10S707/00Data processing: database and file management or data structures
    • Y10S707/99941Database schema or data structure
    • Y10S707/99948Application of database or data structure, e.g. distributed, multimedia, or image

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Software Systems (AREA)
  • Economics (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Water Supply & Treatment (AREA)
  • Primary Health Care (AREA)
  • Computer Hardware Design (AREA)
  • Technology Law (AREA)
  • Public Health (AREA)
  • Multimedia (AREA)
  • General Health & Medical Sciences (AREA)
  • Human Resources & Organizations (AREA)
  • Marketing (AREA)
  • General Engineering & Computer Science (AREA)
  • Strategic Management (AREA)
  • Tourism & Hospitality (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Reverberation, Karaoke And Other Acoustics (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

Metered data is accumulated and is indexed within a metering database of a client according to a metering ID (MID) and a content-associated ID (KID). The client selects a particular MID and metered data in the metering database having the selected MID, and constructs a challenge based on the selected metered data and sends same to a metering service. The metering service obtains the metered data from the challenge, stores same, and constructs a response. The client receives the response including a list of KIDs of the selected metered data in the challenge, and processes the list of KIDs by, for each KID in the list, deleting the metered data from the metering database having the selected MID and the KID.

Description

Access to content in content protective system or its analog etc. is measured
(1) technical field
The present invention relates to be used to allow visit to digital content; the architecture and the method for measuring such as the digital content access in the environment of content protective system particularly relates in particular to the data of collecting the access to content that expression is measured and it reported to the architecture and the method for metering service.
(2) background technology
Referring now to Fig. 1; just as is known; be starved of with such as digital contents such as DAB, digital video, digital text, numerical data, digital multimedia 12 relevant content protecting and implementation system, digital content 12 is distributed to the user in this system.In a single day the user receives digital content, just by such as the media player on the personal computer 14, movably suitable display device such as playback equipment presents or " broadcast " this digital content.
Usually, the content owner who distributes this digital content 12 wishes the action that limited subscriber is done this digital content distributed 12.For example, the content owner may wish that limited subscriber duplicates this digital content 12 and it is distributed to other user once more, perhaps may wish to allow institute's digital content distributed 12 can only be played limited number of times, can only be played certain T.T., can only play on the machine of certain type, can only on the media player of certain type, play, can only play by the user of certain type, or the like.
Yet after distribution had taken place, this content owner had only few control (if any) to digital content 12.So copy-protection system 10 allows digital content 12 controlled of arbitrary forms to present or plays, wherein this control is flexibly, and can be defined by the content owner of this digital content 12.Usually, content 12 is distributed to the user by any suitable distribution channel for distribution to wrap 13 form.Institute's digital content distributed bag 13 can comprise keys for encryption/decryption (KD) encrypted digital content 12 (that is, (KD (CDNTENT))) with symmetry, and the sign content, how to obtain other information of the licence or the like of this content.
Allow the owner of digital content 12 to specify in based on the copy-protection system 10 of trusting and allow to present the rule that this digital content 12 must satisfy before.This rule can comprise above-mentioned requirement and/or other, and can be included in that the user/user's computing equipment 14 (hereinafter, this term can exchange, removing non-ambient requires in addition) must be from the digital license 16 of content owner or its agency's acquisition, perhaps this rule can be affixed to content 12.For example, this licence 16 and/or rule can comprise, for example are used for the decruption key (KD) of decrypts digital content 12, and perhaps this decruption key is according to being encrypted by another key of user's computing equipment or the deciphering of other playback equipments.
The content owner of one piece of digital content 12 is reluctant content 12 is distributed to the user, will observe in licence 16 or other places rule by this content owner's appointment unless this owner can believe the user.So, preferably, a trusted component or mechanism 18 are provided for user's computing equipment 14 or other playback equipments, this assembly or mechanism 18 can only present digital content 12 according to compromise rule.
Trusted component 18 generally has evaluator 20, this evaluator 20 examination rules, and determine to initiate requesting users based on the rule of being examined and whether have to seek and other modes present the authority of the digital content 12 of being asked.Should be appreciated that; in copy-protection system 10; believe that evaluator 20 can realize the possessory hope of digital content 12 according to rule, and no matter for evilness or opposite any purpose, the user should change this trusted component 18 and/or evaluator 20 easily.
Should be appreciated that; whether the rule that is used for rendering content 12 can come designated user to have based on multiple factor any to carry out this authority that presents, these factors comprise whom the user is, the user where, the user in the computing equipment that uses what type or other playback equipments, what display application program in calls copy protection system 10, date, time or the like.In addition, rule can be limited to demonstration for example predetermined broadcasting time, predetermined reproduction time etc.
Rule can be specified according to any suitable language and sentence structure.For example, the attribute and the value (for example, DATE must be later than XX) that must satisfy can be specified simply in language, perhaps can require the behavior (for example, IF DATE is greater than X, THEN DO...) of function according to the script of an appointment.
In case evaluator 20 has determined that rule is met, and just can present digital content 12.Especially, be displaying contents 12, from obtaining decruption key (KD) such as one predefined source such as above-mentioned licence 16 grades), and this decruption key (KD) is applied to (KD (CONTENT)) from content bag 13 to produce actual content 12, in fact presented actual content 12 then.
Note, may require trusted component 18 to keep and the presenting and/or the relevant status information of use of specific licenc e 16 of the specific fragment of content 12 sometimes.For example can be such situation, specific licenc e 16 has a play count requirement, so trusted component 18 must remember that licence 16 has been used to present content corresponding 12 how many times, or licence 16 can also be used to present content corresponding 12 how many times.Therefore, trusted component 18 also can comprise at least one lasting security storage 22, keeps this status information enduringly in the mode of safety in this lasting security storage 22.Therefore, trusted component 18 stores this status information into this safe storage 22 in lasting mode, even make the session of crossing over use on computing equipment 14, this status information also can be kept.This safe storage 22 may be positioned on the trusted component 18 of computing equipment 14, although this safe storage 22 also can be positioned at other places.
In copy-protection system 10, associate by encrypted content 12 and with one group of rule and this content 12, encapsulate this content 12 and use for the user, can only come rendering content 12 according to rule thus.Because can only come rendering content 12 according to rule, therefore distributing contents 12 freely.Usually, content 12 is according to encrypting such as above-mentioned key symmetric keys such as (KD), and to obtain (KD (content)), therefore (KD (content)) also deciphers according to (KD), to obtain content 12.This (KD) so be comprised in content 12 corresponding licences 16 in.Usually, this (KD) is according to PKI, encrypts as the PKI (PU-C) of the computing equipment 14 of rendering content 12 thereon, thereby obtains (PU-C (KD)).But note, can use other PKIs, as PKI of user's PKI, group that the user is its member or the like.
Notice that except the action that limited subscriber can be done institute's digital content distributed 12, content owner etc. also may wish to measure the use to this content 12 such as this user, this computing equipment.For example, the content owner may like to know that content 12 has been presented how many times, this be since the user with show number of times serve as the basis pay, since the content owner showing that number of times is a base charge, or the like.Correspondingly, the content owner may like to know that content 12 has been replicated how many times (supposing that this option is available), content 12 have been integrated into how long another section content how many times (supposing that also this option is available), content be presented, the time in one day of the rendering content quilt, or the like.In brief, content owner etc. may wish to measure use to this content with any way that in fact can be measured or count or accumulate.Therefore, the trusted component 18 on the computing equipment 14 can be used to carry out this function of measuring, and the continuous data that will therefrom be obtained stores safe storage 22 into.
Generally speaking, metering can be regarded as the quantity that relates to one section content 12 is counted or accumulated, wherein an amount will measuring according to content owner's etc. hope of this quantity representative.As illustrated in the above, metering generally can content-based 12 by the number of times that presents, duplicates, transmission etc. is accessed, the time quantum that content 12 is presented etc.Certainly, have other forms of metering, any other metering form can be used for the present invention, and is as described below.
Be appreciated that metering is useful for the many reasons that comprise feedback, monetary base etc.An example is, concerning the content owner,, the indication whether being appreciated, whether liked or the like 12 whether popular, whether useful as content is important about the statistic of the utilization rate of one section content 12.Another example is, can be used for providing remuneration to the author of one section content 12 about the statistic of the utilization rate of one section content 12, even this author is one among various authors.Another example is, can be used to calculate the value of money that pay the content owner about the statistic of the utilization rate of one section content 12.Especially in the later case, should be realized that, can be based on every user base, single payment basis or its combination to permitting such as contents such as musical works 12.Therefore, based on permission basis, especially based on license fee whether based on a fixing quantity or every number of users, to the licence fee of content owner's generation radical change can take place by using content 12.
In addition, owing to also do not carry out detailed metering so far, it is possible fully providing the ability of carrying out this detailed metering will create the following business prototype that does not have in the past.An example is, the cost of advertisement delivery (content 12) mainly preestablishes based on one and fixing expense at present, in the future the demonstration number of times of the advertisement/content 12 that then can be obtained when measuring by the present invention.Another example is, TV programme (content 12) is to charge based on its market share of being measured by a service of chargeing at least in part at present, but this charging only is based on the estimation of fewer statistical sampling, and use the present invention, this charging can be based on the very detailed measurement value of the viewer/user of this program/content 12.
Though notice, although can use of visit and the use of direct relatively mode metering user to the content on the computing equipment 14 12, but also be not used in the architecture or the method for following purpose: what (1) definition will measure, (2) define to such an extent that how the data of self-measuring are stored on the computing equipment 14, (3) definition is used for from the metering service of each collection continuous data of a plurality of computing equipments, and perhaps how (4) definition reports to metering service with continuous data.
Therefore, need architecture and the method that realizes the data metering and continuous data is reported to metering service.Especially, need definition what will measure, define the data of self-measuring how to be stored on the computing equipment 14, definition is used for collecting architecture and the method how metering service of continuous data and definition report to continuous data metering service from each of a plurality of computing equipments.
(3) summary of the invention
The present invention satisfies above-mentioned needs at least in part, among the present invention, provides a kind of method that the continuous data of being accumulated is reported to metering service from client computer.Each segment of continuous data is carried out index according to metering ID (MID) in the continuous data storehouse of client computer, and carries out subindex according to relevance ID (KID) in the continuous data storehouse.
In the method, client computer is selected a specific MID, and selects to have in the continuous data storehouse at least a portion of the continuous data of selected MID, and wherein selected continuous data is organized according to KID.Client computer is addressed inquires to based on selected continuous data structure then, and the inquiry of being constructed is sent to metering service.Metering service obtains continuous data, storage continuous data and based on addressing inquires to tectonic response to return to client computer from address inquires to.
Client computer receives response from metering service, and confirms response corresponding to this inquiry, and wherein, this response comprises the KID tabulation of selected continuous data in the inquiry.After this, client computer is deleted the continuous data with selected MID and this KID by to each KID in the tabulation from the continuous data storehouse, comes the KID tabulation in the processing response.
(4) description of drawings
Read in conjunction with the accompanying drawings, can understand the detailed description of the above-mentioned summary of the invention and the following embodiment of the invention better.Be illustration the present invention, current preferred embodiment shown in the accompanying drawing.Yet should be appreciated that, the invention is not restricted to shown accurate configuration and means.In the accompanying drawing:
Fig. 1 is the block scheme that illustrates based on the enforcement architecture of an example of the system that trusts, and this system comprises the client computer with continuous data storehouse, and the metering service that receives data from client computer;
Fig. 2 is the block scheme of a general-purpose computing system of expression, wherein can be in conjunction with aspects of the present invention and/or its all part;
Fig. 3 is a block scheme, shows the digital content among Fig. 1, the one or more digital license of this content and relation between the continuous data in the continuous data storehouse of being tied to according to one embodiment of the present of invention; And
Fig. 4 is a process flow diagram, shows client computer among Fig. 1 and metering service with continuous data performed committed step when this client computer reports to this metering service according to one embodiment of the present of invention.
(5) embodiment
Computer environment
Fig. 1 and following discussion aim to provide the concise and to the point general description of the computing environment that is suitable for that can realize the present invention and/or its all part therein.Although also nonessential, will in general context, the present invention be described by the computer executable instructions of carrying out such as computing machines such as client workstation or servers such as program module.Usually, program module comprises the routine finishing specific task or realize specific abstract data type, program, object, data structure or the like.And, should be understood that, the present invention and/or its all part can be put into practice with other computer system configurations, and other computer system configurations comprise portable equipment, multicomputer system, based on microprocessor or programmable consumer, network PC, small-size computer, mainframe computer or the like.The present invention also can put into practice in distributed computing environment, and wherein, task is carried out by the teleprocessing equipment that connects by communication network.In distributed computing environment, program module can be arranged in local and remote memory devices.
As shown in Figure 2, the exemplary universal computing system comprises conventional personal computer 120 or its analog, comprises that processing unit 121, system storage 122 and handle comprise that the various system components of system storage are coupled to the system bus 123 of processing unit 121.System bus 123 can be any in some types of bus structure, any the local bus that comprises memory bus or Memory Controller, peripheral bus and use multiple bus architecture.System storage comprises ROM (read-only memory) (ROM) 124 and random-access memory (ram) 125.Basic input/output (BIOS) 126 is stored in the ROM 124, it comprise help for example in start-up course between the element in personal computer 120 transmission information basic routine.
The disc driver 128 that personal computer 120 can also comprise the hard disk drive 127 that is used for the hard disk (not shown) is read and write, be used for moveable magnetic disc 129 is read and write, be used for the CD drive 130 read and write such as removable CDs 131 such as CD ROM or other optical mediums.Hard disk drive 127, disc driver 128 and CD drive 130 are connected to system bus 123 by hard disk drive interface 132, disk drive interface 133 and CD drive interface 134 respectively.All drivers and relevant computer-readable medium thereof provide the non-volatile memories of computer-readable instruction, data structure, program module and other data for personal computer 120.
Although exemplary environments described herein has been used hard disk, moveable magnetic disc 129 and removable CD 131, should be understood that the computer-readable medium of other types that can the addressable data of storage computation machine also can be used for exemplary operating environment.The medium of this other types comprises tape cassete, flash card, digital video disc, Bernoulli Jacob's boxlike tape, random-access memory (ram), ROM (read-only memory) (ROM) or the like.
A plurality of program modules can be stored among hard disk, disk 129, CD 131, ROM 124 and the RAM 125, comprise operating system 135, one or more application program 136, other program modules 137 and routine data 138.The user can pass through such as input equipments such as keyboard 140 and positioning equipments 142 to personal computer 120 input commands and information.Other input equipment (not shown) can comprise microphone, operating rod, game mat, satellite dish, scanner or the like.The input equipment of these and other often is connected to processing unit 121 by the serial port interface 146 that is coupled to system bus 121, but also can pass through other interfaces, connects as parallel port, game port or USB (universal serial bus) (USB).The display device of monitor 147 or other types also by interface, is connected to system bus 123 as video adapter 148.Except monitor 147, personal computer can comprise other peripheral output device (not shown), as loudspeaker, printer or the like.The example system of Fig. 2 also comprises host adapter 155, small computer system interface (SCSI) bus 156 and is connected to the External memory equipment 162 of SCSI bus.
Personal computer 120 can be operated in and use one or more remote computer, in the networked environment that connects as the logic of remote computer 149.Remote computer 149 can be another personal computer, server, router, network PC, peer device or other common network node, and generally comprise many or all said elements relevant with personal computer 120, although among Fig. 2 only illustration memory storage device 150.Logic described in Fig. 2 connects and comprises Local Area Network 151 and wide area network (WAN) 152.This network environment is common in computer network, Intranet and the Internet of office, enterprise-wide.
When being used for the lan network environment, personal computer 120 is linked LAN 151 by network interface or adapter 153.When being used for the WAN network environment, personal computer 120 generally comprises modulator-demodular unit 154 or is used for by WAN 152, sets up other devices of communication as the Internet.Modulator-demodular unit 154 that can be internal or external is connected to system bus 123 through serial port interface 146.In the environment of networking, described program module or its all part relevant with personal computer 120 can be stored in the remote memory storage device.Should be understood that it is exemplary that shown network connects, and can use other devices of setting up communication link between computing machine.
Visit to content 12 is measured
Among the present invention, according to will measuring and so on definition, to measuring according to the visit of the content 12 on the computing equipment 14 of content protective system 10, and the data storage that will get self-measuring is to computing equipment 14 or other places.This continuous data is periodically reported to metering service 24 (Fig. 1), especially is reported to this metering service 24 according to an assignment procedure, and wherein, metering service 24 each from a plurality of computing equipments 14 is collected continuous data.
Notice that content protecting represents to be used to protect digital content 12, making can not be to use the serial of methods and the technology of this content 12 with the inconsistent mode of content owner and/or supplier's hope.These methods comprise copy protection (CP), link protection (LP), conditional access (CA), rights management (RM) and Digital Right Management (DRM) or the like.The basis of arbitrary content protective system 10 is, has only the trusted application can be with not protection form visit protected content 12, and wherein, trusted application is guaranteed correctly observing the implicit expression of the use of protected content 12 and/or explicit rule.Usually, protect content 12, wherein, have only trusted party ability decryption content 12 by encrypting in some way.
On the strictest meaning, copy protection is applied to reside in the content 12 in the memory device especially, and link protection is applied to the content 12 that flows by on the transmission medium between destination application/device.Conditional access can be considered to a kind of link protection of form more complicated, wherein encrypts advanced procedures, channel and/or film in transmission course.Only to providing decryption content 12 required key for visiting subscriber that this content 12 pays.
Digital Right Management is an extendible architecture, and the rule of use through approval that wherein relates to the specific fragment of content 12 is explicit, is tied to or is associated with content 12 itself.DRM mechanism can support than the abundanter and more expressive rule of additive method, simultaneously the individual sections of content or or even the rank of the subconstiuent of content on stronger control and dirigibility is provided.An example of digital right management system is delivered the U.S. Patent application the 09/290th that is that on April 12nd, 1999 submitted to, No. 363 and the U.S. Provisional Application the 60/126th submitted on March 27th, 1999, No. 614, wherein each patented claim is all quoted as a reference in this integral body.
Rights management be a kind of organizationally based on protecting content 12 so that can only be in tissue or its subclass the DRM form that visit.An example of Rights Management System is published in the U.S. Patent application submitted on June 28th, 2002 the 10/185th, No. 527, the 10/185th, No. 278 and the 10/185th, No. 511, and wherein each patented claim is all quoted as a reference in this integral body.
Definition will be measured anything
In one embodiment of the invention, under the control and support of the trusted component on the computing equipment 14 18, during occupancy permit 16 presents content corresponding 12, carry out the metering on the computing equipment.In this embodiment, if licence 16 comprises a metering label, as being used for based on the metering label of the licence 16 of XML (extend markup language) etc., then to the use of content 12/visit/present and measure.Therefore should be understood that metering carries out with respect to content 12, although the decision-making of whether measuring is the basis that exists for the metering label of licence 16.
For example, the following part of licence 16 comprises a MID (metering ID) label, and therefore content corresponding 12 is measured by trusted component 18 during showing this content 12:
<LICENSE?version=“2.0.0.0”>
<LICENSORINFO>
<DATA>
<KID>FgA3Mep5+UiW5yB2CuevGg==</KID>
<MID>UiW5yBMep2CuevGg5+FgA3==</MID>
</DATA>
</LICENSORINFO>
</LICENSE>
Notice that the data that are associated with MID label (hereinafter referred to as " MID ") can be 16 byte-identifiers with base 64 (base64) coding.In one embodiment of the invention, this MID has identified the recipient of the collected continuous data relevant with licence 16, as will being described in greater detail below.Also to note, the KID tag identifier licence 16 content 12 of being bound, and at least in some instances, can represent a value, from this value, can derive the content key (KD) that is used for decryption content 12 with the data that this KID label (hereinafter referred to as " KID ") is associated.
Trusted component 18 can be collected about the continuous data of any particular type of the use of content 12 and do not deviated from the spirit and scope of the present invention.In one embodiment of the invention, trusted component 18 presents authority (play, duplicate, transmit, edit or the like) and keeps the counting in the safe storage 22 for every kind, and increases progressively each this counting when authority is used to accessed content 12.Notice that safe storage 22 is used to store continuous data, can distort this continuous data to prevent user or other people.Otherwise for example the malicious user based on every user base charge can change the use that continuous data lacks than truth with reflection.
In an alternative of the present invention, the MID label can comprise therein about carrying out the counted data (not shown) and/or about the use of the content 12 that will measure and the otherwise data (also not shown) how to measure to which authority.Therefore, as being mentioned indirectly, trusted component 18 can carry out the time quantum that is presented such as content 12, the number of times that begins to present, the number of times that stops to present, present the metering of number of times that keystroke in the process or mouse move or the like, and suitable continuous data is stored in the safe storage 22.
Store the data of self-measuring
Should be understood that the corresponding licence 16 that is used in combination and presents (i.e. visit) content 12, the continuous data that trusted component 18 is collected about one section content 12, and this collected data are suitably stored in the safe storage 22, as shown in Figure 3.Should be understood that also in addition, trusted component 18 can be collected the licensc e data about the use that presents licence 16, and also can suitably store this collected data in the safe storage 22 (not shown).
In one embodiment of the invention, as shown in Figure 3, MID according to the metering of triggering for generating continuous data in the licence 16, and according to the KID of the content 12 that is measured accordingly, trusted component 18 is stored in the continuous data in the safe storage 22 in the continuous data storehouse 26, as illustrated in this licence 16.Especially, according to as this MID of main index with as this KID of secondary indexes, trusted component 18 is stored in the continuous data in the safe storage 22 in the continuous data storehouse 26.Therefore, for having specific MID and KID, be used to present any specific use of the licence 16 of one section content 12 with specific KID, trusted component 18 in safe storage 22 more in the new database 26 corresponding M ID, KID index to reflect this use.For example, if this content is played twice and is replicated once, trusted component 18 can increase progressively twice of play count and increase progressively duplication count once under corresponding M ID, the KID index in the database 26 of safe storage 22.
Notice that each in a plurality of licences 16 can allow the same clip of rendering content 12, but wherein can have identical or different MID.Therefore, if each in two this licences 16 all has identical MID and is used to play one section content 12 once, then the play count under MID, KID index is owing to twice broadcast is incremented twice.Correspondingly, if each in two this licences 16 has different MID (MID1 and MID2), and be used to play one section content 12 once, then the play count under MID1, KID index is incremented once owing to once playing, and the play count under MID2, KID index is also similarly increased progressively once owing to once playing.
Metering service
Be appreciated that, periodically be forwarded to a centralized metering service 24 by the institute's cummulative metering data in the continuous data storehouse 26 of trusted component 18 in safe storage 22, metering service 24 can receive continuous data and suitably handle this continuous data from a plurality of computing equipments thus.This processing can be any suitable processing and do not deviate from spirit and scope of the invention.For example, if the author of one section content 12 will collect copyright royalty based on every user base, then metering service can amount to interior all usage counts with respect to this section content 12 of a period of time, and with its entity that reports to the author and/or collect copyright royalty.Perhaps, metering service can only receive and store continuous data, for carrying out another service retrieval of handling, perhaps the continuous data of being stored periodically can be transmitted to another service.
No matter be actually which service processing continuous data, should be understood that, because each fragment of continuous data is stored in the continuous data storehouse 26 according to its MID, KID index, this data slot can be forwarded to the metering service 24 that has this MID, KID index, and also can handle according to this MID, KID index.Therefore, handling the continuous data of being transmitted can carry out according to MID, KID index.Therefore, and as an example, if the content owner of one section content 12 all uses of all fragments of content 12 amounted up to a particular value time, collect expense free of interest (flat fee), this total can be carried out based on the KID index that is associated with continuous data, wherein continuous data with by and to reach this section content 12 of metering service 24 corresponding.
In one embodiment of the invention, a plurality of metering service 28 can be by illustration, and receiving the continuous data of being transmitted, and based on the MID that is associated with each fragment of this continuous data, these fragments of continuous data are forwarded to specific metering service 24.Be appreciated that each metering service 24 can be associated with one or more MID, and therefore receive the continuous data that is associated with this one or more MID.
Association between MID and the metering service 24 can comprise that the certificate of measurement and weight 30 of MID, sign, the PKI (PU-M) such as URL corresponding metering service 24 such as (uniform resource locators) and the Content Management authorized organization of signing set up by issue.Therefore, if only will be to the specific MID of metering service 24 signs, the trusted component 18 that then continuous data with the specific MID that is associated with it will be reported to corresponding metering service 24 on each computing equipment 14 just must have corresponding certificate of measurement and weight 30.Usually, when initialization and/or as a conventional part of upgrading, can provide one or more certificates of measurement and weight 30 to trusted component 18.
Continuous data is reported to metering service
As time goes on, computing equipment 14 (below be designated as " client computer 14 ") is accumulated the continuous data in its continuous data storehouse 26, and therefore should periodically this continuous data be reported to one or more metering service 28.The periodicity of reporting period can be any suitable cycle and do not deviate from the spirit and scope of the present invention.For example, this periodicity can be every day, weekly, per two weeks, every month or the like.Perhaps, this periodicity can reach specific size or wherein have the continuous data of specific quantity based on continuous data storehouse 26.
When the report continuous data, client computer 14 can be reported all continuous datas of being accumulated in its continuous data storehouse 26, perhaps can only report the part of the continuous data of being accumulated in the continuous data storehouse 26.Especially, in one embodiment of the invention, client computer 14 is reported the continuous data of being accumulated in its continuous data storehouse 26 on the basis of every certificate of measurement and weight 30.Therefore, if client computer 14 not with continuous data storehouse 26 in the corresponding certificate of measurement and weight 30 of specific continuous data, then do not report this specific continuous data.
Referring now to Fig. 4,, in any case in one embodiment of the invention, client computer 14 is reported the continuous data of being accumulated in its continuous data storehouse 26 according to following process on the basis of every certificate of measurement and weight 30.Tentatively, client computer 14 is selected a specific certificate of measurement and weight 30, and based on this certificate of measurement and weight 30 (step 401) of its signature verification, determines wherein illustrated MID (step 403) then from the certificate of measurement and weight of being verified 30.After this, based on this MID, client computer 14 selects to have in the continuous data storehouse 26 at least a portion of the continuous data of this MID that is associated with it, and it is copied to a predetermined format (step 405).
Note, because mainly being based on the MID that is associated with it, all continuous datas in the continuous data storehouse come index, therefore the continuous data that has the specific MID that is associated should be placed on together on logical meaning at least, and the continuous data of therefore selecting to have the specific MID that is associated should be a relative simple task.Also be noted that because secondly all continuous datas in the continuous data storehouse are based on the KID that is associated with it and come index, therefore should organize selected continuous data according to the KID that is associated.Therefore, selected continuous data should be the tabulation of counting of being organized according to KID etc., and for example can be placed in the XML form, and is as follows:
<KID0>
<COUNT1>a</COUNT1>
<COUNT2>b</COUNT2>
<COUNT3>c</COUNT3>
</KID0>
<KID1>
<COUNT4>d</COUNT4>
<COUNT5>e</COUNT5>
</KID1>
<KID2>
<COUNT6>f</COUNT6>
</KID2>
Notice that the continuous data in the continuous data storehouse 26 of client computer 14 may be the XML form, in this case, this continuous data can be by slavish copying in inquiry.
In one embodiment of the invention, the client computer 14 that has formative selected continuous data is addressed inquires to (step 407) based on formative continuous data and certificate of measurement and weight 30 structures.This inquiry can for example comprise MID from certificate of measurement and weight 30, from other signs of URL of the corresponding measurement service 24 of certificate of measurement and weight 30, for addressing inquires to affairs ID (TID) and the format continuous data of selecting.Note; do not checked in order to protect the format continuous data by other entities; this format continuous data in the inquiry should be encrypted according to a symmetrical key; to obtain (passkey (metereddata)); and key itself should place inquiry; this inquiry is according to encrypting from certificate of measurement and weight 30 (PU-M), to obtain (PU-M (passkey)).This key can be any suitable key and do not deviate from the spirit and scope of the present invention.For example, key can partly be derived from MID in unidirectional reproducible mode by client computer 14.
Attention, TID can be 16 byte-identifiers with base 64 codings, and, when successfully sending and responding inquiry and from continuous data storehouse 26, deleting corresponding continuous data, generate TID randomly, as below will illustrating in more detail.As below will illustrating in more detail, in case successfully finish previous inquiry to MID, client computer 14 has just generated the TID of the current inquiry of MID, and according to the MID of current inquiry this TID that generates has been stored in the continuous data storehouse 26, for retrieval and the use relevant with the current inquiry of MID.
Under specific circumstances, client computer 14 possibly can't be constructed inquiry to comprise all format continuous datas.For example, if client computer 14 is the simple relatively equipment that has finite memory, then the size of Zhi Xuning may be subjected to the restriction of cushion space available in the client computer 14.If in fact client computer 14 can't be constructed inquiry to comprise all format continuous datas, then inquiry can comprise that one is provided with the partial data sign.As below will illustrating in more detail, whether comprise all format continuous datas for the inquiry that is received, the metering service 24 that reception is addressed inquires to can have also can be without any specific concern, but metering service 24 will comprise when response is addressed inquires to the partial data sign will be set, and send another inquiry that has other format continuous data to remind client computer 14.
As mentioned above, the format continuous data in the inquiry comprises by secret key encryption in order to avoid the format continuous data of being checked by other entities.In a similar fashion, should according to key will address inquires to or at least its part hash be hashed value, and this hashed value should be included in the inquiry, to detect any modification that other entities carry out.Should be understood that if address inquires to or at least its part after deriving hashed value, be modified, no matter have a mind to still unintentionally, this hashed value can't be verified.
An above-mentioned example that has the inquiry of formaing continuous data of constructing is as follows:
<METERDATA?type=“challenge”>
<DATA>
<MID>UiW5yBMep2CuevGg5+FgA3==</MID>
<TID>Mep2CuevGgUiW5yB5+FgA3==</TID>
<PASSWORD>encrypted,base64?password</PASSWORD>
<RECORDS>
<KID?value=“KID1”>
<ACTION?value=“Play”>5</ACTION>
</KID>
<KID?value=“KID2”>
<ACTION?value=“Play”>71</ACTION>
<ACTION?value=“Burn”>2</ACTION>
</KID>
</RECORDS>
<PARTIALDATA>set</PARTIALDATA>
</DATA>
<HASH>
<HASHALGORITHM?type=“HMAC”/>
<VALUE>
Base64-encoded?hash
</VALUE>
</HASH>
</METERDATA>
Note, give the type attribute of addressing inquires to, so identify inquiry by comprising with the METERDATA label setting.
The inquiry of being constructed by client computer 14 is sent to metering service 24 (step 409) by suitably connecting such as network connection etc. between them.This connection can be any connection and do not deviate from the spirit and scope of the present invention.For example, in one case, connection can be that client computer/computing equipment 14 is via talking with by and metering service 24 direct such as mutual acceptable agreements such as HTTP such as networks such as the Internets.In another case, wherein client computer 14 and metering service 24 direct-connected (tether), connection can be such as direct interconnection technique such as USB-1394.
In case receive, metering service 24 just will be measured (PR-M) and will be applied to (PU-M (passkey)) from the inquiry that is received, obtaining key (step 411), and based on the hashed value (step 413) of the key authentication that is obtained from the inquiry that is received.If can not verify hashed value for some reason, metering service 24 can be to another inquiry of the identical MID of client computer 14 requests, perhaps can ignore this inquiry simply, client computer 14 continues as this MID cummulative metering data in this case, stop up to the Next Report cycle, this moment, client computer 14 sent an inquiry, in fact to report the continuous data from the MID of two reporting periods of front.
Suppose that hashed value can verify really, then metering service 24 can be applied to (passkey) (passkey (metereddata)) from the inquiry that is received, with acquisition continuous data (step 415), and store the continuous data (step 417) that is obtained by rights.Note, can carry out the continuous data that storage obtains and not deviate from the spirit and scope of the present invention with any suitable mode.The ad-hoc location of storage is mainly relevant with another service 32 (Fig. 1) that retrieve and use this continuous data of storing with method.
For finishing this affairs, metering service is based on addressing inquires to tectonic response to return to client computer 14 (step 419).Such just as will be seen, based on this response, client computer 14 is deleted the selected continuous data as the basis of addressing inquires to from the continuous data storehouse 26 of this client computer 14.
In any case in one embodiment of the invention, the content class of the response of being constructed is similar to the content of corresponding inquiry, and in fact can comprise some part of the inquiry that copies to wherein.Therefore, response can for example comprise from the MID and the TID that address inquires to, and at least a portion of format continuous data.Note, for last, 24 of metering service need by response inform client computer 14 treated have the continuous data of specific KID, do not need to comprise the actual continuous data of processing.Therefore, the part that should be included in the format continuous data in the response is the KID tabulation of handled continuous data.
The same, do not checked in order to protect the KID tabulation in the response by other entities, can encrypt this tabulation according to the key that obtains from inquiry or another key, although should be realized that, if think that this tabulation is actually insensitive encryption that just can not need.If used from the key of addressing inquires to, if client computer 14 can derive this key from MID or a certain other sources, then this key just need not be placed in the response with the form of encrypting.
As mentioned above, if can not constructing inquiry, client computer 14 comprises that is provided with a partial data sign therein to comprise all format continuous datas, then just to address inquires to.In this case, receive to address inquires to and the metering service 24 of its response is comprised that in response this is provided with the partial data sign and sends another inquiry that has other format continuous data to remind client computer 14.At last, should will respond or its at least a portion hash is a hashed value according to key, this hashed value should be included in the response, to detect any modification that other entities carry out.Should be understood that no matter have a mind to still unintentionally, this hashed value can't be verified if respond or its at least a portion is modified after deriving hashed value.
An example of the response of being constructed is as follows:
<METERDATA?type=“response”>
<DATA>
<MID>UiW5yBMep2CuevGg5+FgA3==</MID>
<TID>Mep2CuevGgUiW5yB5+FgA3==</TID>
<COMMAND>RESET</COMMAND>
<RECORDS>
<KID?value=“KID1”/>
<KID?value=“KID2”/>
</RECORDS>
<PARTIALDATA>set</PARTIALDATA>
</DATA>
<HASH>
<HASHALGORITHM?type=“HMAC”/>
<VALUE>
Base64-encoded?hash
</VALUE>
</HASH>
</METERDATA>
Note, set the type attribute of giving response, come identification response like this by comprising with the METERDATA label.Be noted that also response comprises a RESET (resetting) order, as what it will be appreciated that below, this RESET order is to make client computer 14 can delete the allowance of selected continuous data from its continuous data storehouse 26 in essence.
The response of being constructed by metering service 24 is sent to client computer 14 (step 421) by the connection between metering service 24 and the client computer 13.In case be received, client computer 14 just obtains key by the key copy that key derivation once more or retrieval have been preserved, and based on the hashed value (step 423) of the key authentication that is obtained from the response that is received.If can not verify hashed value for some reason, client computer 14 can be to another response of the identical inquiry of metering service 24 requests, perhaps can ignore this response simply, client computer 14 continues as MID cummulative metering data in this case, stop up to the Next Report cycle, client computer 14 sent and addressed inquires to this moment, in fact to report the continuous data from the MID of two reporting periods of front.
Suppose that hashed value can verify really, then client computer 14 just confirm in the response TID and MID be stored in continuous data storehouse 26 in TID and identical MID be complementary (step 425).So, if necessary, client computer 14 is tabulated cipher key application to obtain this tabulation in the encrypted KID from the response that is received, and pass through each KID in the tabulation, deletion has the continuous data (step 427) of this MID, KID index from continuous data storehouse 26, handles this KID tabulation.Therefore,, just from continuous data storehouse 26, remove this continuous data, make and to accumulate new continuous data in the cycle at Next Report in case successfully report continuous data.
Note, can carry out the deletion of continuous data and not deviate from the spirit and scope of the present invention with any suitable mode.For example, all data that can delete MID, KID index and be associated perhaps stay MID, KID index, only delete the data that are associated with it.
In case successfully handled all KID in the tabulation that responds, as mentioned above, client computer 14 generates the TID of the next one inquiry of MID, and according to the MID of current inquiry this TID that generates is stored in the continuous data storehouse 26, for addressing inquires to relevant retrieval and use (step 429) with the next one of MID.Be appreciated that when MID is first drawn in the continuous data storehouse 26 the pre-generation of this TID need generate a TID for each MID is initial.
The response that is appreciated that the use of TID in inquiry and gained has now been guaranteed by the continuous data of the being accumulated service of not being measured 24 countings of client computer 14 reports repeatedly.Especially, if for some reason, have first inquiry service of being measured 24 receptions and storage from the continuous data of first reporting period, but client computer 14 can't receive the response from metering service 24, this client computer can't generate new TID for the MID that addresses inquires to, and will not delete the continuous data of first reporting period.In this case, the result who does not generate new TID is, have from the next one of the MID of the continuous data in first reporting period and Next Report cycle address inquires to that the service of will being measured 24 receives, storage and handling.Yet, because will having with first, next inquiry addresses inquires to identical TID, metering service 24 should be not duplicate the mode from the continuous data of first reporting period, illustrated continuous data in the next inquiry of storage, and illustrated continuous data in first inquiry from first reporting period from first reporting period and Next Report cycle.Should be understood that and do like this and will count twice continuous data from first reporting period.On the contrary, the illustrated continuous data from first reporting period and Next Report cycle rewrote the illustrated continuous data from first reporting period in first inquiry during metering service 24 should be addressed inquires to the next one.As a result, the continuous data from first reporting period in fact is not counted twice.Certainly, address inquires to for metering service 24 identification is had with first next one of addressing inquires to identical TID, metering service 24 should be kept a TID and the database of the continuous data that is associated.
At last, in case for the MID that addresses inquires to generates new TID, client computer 14 determines whether response comprises that one is provided with partial data sign (step 431).If like this, client computer 14 is relevant for other continuous data MID, that will report to metering service 24 of addressing inquires to, and therefore constructs and send one or more other inquiries to report other continuous data, shown in step 405-431.Note,, need not wait until that the Next Report cycle stops even this other inquiry is not to be promptly to be sent out away immediately yet.
Note all not having supposition that metering service 24 has been identified client computer 14 heretofore.In fact, as the misgivings based on the privacy aspect, preservation may be wise or or even necessary from the sign of the client computer 14 of metering service.Yet, if a user owing to client computer 14 has for example agreed to come defrayment based on the utilization rate that is measured at least in part, client computer 14 is reporting to continuous data metering service 24, then only when guaranteeing that its user is this utilization rate that is measured when suitably paying, and just in fact should identify client computer to metering service.Usually, this sign is to obtain by the digital certificate that comprises a sign client computer 14, user etc. in inquiry, and wherein digital certificate comprises PKI (PU-U) and signature, and wherein signature certainly is verified.Therefore, not the hash that in inquiry, comprises based on key, can comprise based on (PR-U) and the signature that can verify based on (PU-U) but address inquires to from included digital certificate.In a similar fashion, can be this situation, that is, be the hash that comprises in response based on key, but response can comprise based on private key (PR-M) that is associated with certificate of measurement and weight 30 and the signature that can verify based on corresponding (PU-M) from this certificate of measurement and weight 30.
Conclusion
The present invention can be practiced in any suitable client computer 14 and metering service 24, supposes that this client computer 14 and metering service 24 can use trusted component 18 wherein.Should be understood that now, by means of the present invention described herein, can measure visit and other uses of client computer 14 place's contents 12, and can suitably continuous data be reported to metering service 24, can use any purpose of this continuous data to realize metering service 24 or another service 32.
Realization is simple relatively about the required program design of the performed process of the present invention, should be conspicuous concerning relevant programmer.Therefore, do not enclose this program design at this.So any specific program design can be used to realize the present invention and not deviate from spirit of the present invention and field.
Can see in the description in front that the present invention includes a kind of new and useful architecture and method, this architecture and method have realized continuous data and continuous data is reported to metering service 24 from client computer 14.This architecture and method have defined will measure what, the data of self-measuring how to be stored on the computing equipment 14, be used for from a plurality of computing equipments 14 each collect the metering service of continuous data and how continuous data reported to metering service 24.
Should be understood that and to change embodiment described above and do not deviate from its invention thought.So substantially, should be appreciated that, the invention is not restricted to described specific embodiment, but be intended to cover modification by in the defined the spirit and scope of the present invention of claims.

Claims (20)

1. method that the continuous data of being accumulated is reported to metering service from client computer, each segment of continuous data is indexed in the continuous data storehouse of client computer according to a metering ID (MID), and according to a relevance ID (KID) in the continuous data storehouse by subindex, described method comprises described client computer:
Select a specific MID;
Select to have in the described continuous data storehouse at least a portion of the continuous data of selected MID, selected continuous data is organized according to KID;
Address inquires to based on selected continuous data structure one;
Send the inquiry of being constructed to described metering service, described thus metering service obtains continuous data, stores described continuous data and constructs a response to return to described client computer based on described inquiry from described inquiry;
Receive response from described metering service, described response comprises the KID tabulation of selected continuous data in the described inquiry;
Confirm that described response is corresponding to described inquiry; And
By to each KID in the described tabulation, from described continuous data storehouse, delete continuous data with selected MID and described KID, handle the KID tabulation in the described response.
2. method according to claim 1 is characterized in that, comprises the described inquiry of structure, to comprise:
Described MID;
The station location marker of described metering service;
Affairs ID (TID) for described inquiry selection; And
Selected continuous data.
3. method as claimed in claim 2, it is characterized in that, comprise that the described inquiry of structure is to comprise according to the selected continuous data of a symmetrical secret key encryption to produce (passkey (metereddata)), and comprise that further PKI (PU-M) encrypted secret key according to described metering service is to produce (PU-M (passkey)), thus, described metering service can be applied to a private key corresponding to (PU-M) (PR-M) (PU-M (passkey)) from described inquiry to obtain described key, can with the cipher key application that obtained in from (passkey (metereddata)) of described inquiry to obtain described continuous data, and can store the continuous data that is obtained.
4. method as claimed in claim 3, it is characterized in that, comprise that the described inquiry of structure is further to comprise one based on the hashed value of described key from the hash derivation of at least a portion of described inquiry, thus, if at least a portion of described inquiry after this is modified, then described hashed value can't verify, and thus, and described metering service can be verified hashed value from described inquiry based on described key.
5. method as claimed in claim 2, it is characterized in that, comprise,, then construct described inquiry to comprise that further one is provided with the partial data sign if described client computer can not be constructed inquiry to comprise in the described continuous data storehouse continuous data to all accumulations of the MID that selects.
6. the method for claim 1 is characterized in that, comprises receiving described response, and described response comprises:
The MID that illustrates in the described inquiry;
The affairs ID that illustrates in the described inquiry (TID); And
At least a portion of the selected continuous data of illustrating in the described inquiry.
7. method as claimed in claim 6 is characterized in that, comprises receiving described response, and described response comprises the KID tabulation of at least a portion of selected continuous data.
8. method as claimed in claim 6, it is characterized in that, comprise and receive described response, described response comprises according at least a portion of the selected continuous data of a symmetrical secret key encryption to produce (passkey (metereddata)), and described method also comprises, described client computer obtain described key and with the cipher key application that obtained in from (passkey (metereddata)) of described response to obtain at least a portion of described continuous data.
9. method as claimed in claim 8, it is characterized in that, comprise and receive described inquiry, described inquiry also comprises one based on the hashed value of described key from the hash derivation of at least a portion of described response, and described method comprises that also described client computer is based on the hashed value of described key authentication from described response.
10. method as claimed in claim 6, it is characterized in that, if described inquiry comprises that one is provided with the partial data sign, then receive and comprise that further one is provided with the described response of partial data sign, the described partial data sign that is provided with represents that described client computer can not construct inquiry comprising in the described continuous data storehouse continuous data to all accumulations of selected MID, and the other continuous data that therefore described client computer has about the selected MID of described inquiry will report to described metering service.
11. method as claimed in claim 10 is characterized in that, also comprises, if described response comprises the described partial data sign that is provided with:
Select to have in the described continuous data storehouse at least a portion of the other continuous data of selected MID:
Construct an other inquiry based on selected other continuous data; And
The other inquiry of being constructed is sent to described metering service.
12. method as claimed in claim 6 is characterized in that, confirms that described response comprises that corresponding to described inquiry TID and MID that confirms in the described response and TID and the selected MID that is stored in the described continuous data storehouse are complementary.
13. the method for claim 1, it is characterized in that, also comprise, reception one is stored in the affairs ID (TID) in the described continuous data storehouse according to selected MID and constructs described inquiry to comprise described TID, to receive the response that further comprises described TID from described metering service, and in case the KID tabulation of having handled in the described response just generates a new TID for the next one inquiry of described MID, and according to selected MID the TID that is generated is stored in the described continuous data storehouse, be used for addressing inquires to relevant retrieval and use with the next one of described MID.
14. the continuous data with accumulation reports to the method for metering service from client computer, each segment of continuous data is all indexed in the continuous data storehouse of described client computer according to a metering ID (MID), and according to a relevance ID (KID) in described continuous data storehouse by subindex, described method comprises client computer:
Select a specific certificate of measurement and weight, and therefrom determine a MID who illustrates therein;
Select to have in the described continuous data storehouse at least a portion of the continuous data of determined MID from selected certificate of measurement and weight, selected continuous data is organized according to KID;
Address inquires to based on selected continuous data and selected certificate of measurement and weight structure one;
The inquiry of being constructed is sent to described metering service, and described thus metering service obtains described continuous data, storage continuous data and constructs one based on described inquiry to respond to return to described client computer from described inquiry;
Receive response from described metering service, described response comprises the KID tabulation of selected continuous data in the described inquiry;
Confirm that described response is corresponding to described inquiry; And
By to each KID in the described tabulation, from described continuous data storehouse, delete the continuous data that has determined MID and described KID, handle the KID tabulation in the described response.
15. method as claimed in claim 14 is characterized in that, comprises the described inquiry of structure, to comprise:
MID from described certificate of measurement and weight;
Station location marker from the metering service of described certificate of measurement and weight;
Be the selected affairs ID of described inquiry (TID); And
Selected continuous data.
16. method as claimed in claim 15, it is characterized in that, comprise that the described inquiry of structure is to comprise according to the selected continuous data of a symmetrical secret key encryption to produce (passkey (metereddata)), and further comprise according to from PKI (PU-M) encrypted secret key of described certificate of measurement and weight producing (PU-M (passkey)), described thus metering service can be applied to the private key (PR-M) corresponding to (PU-M) (PU-M (passkey)) from described inquiry to obtain described key, can with the cipher key application that obtained in from (passkey (metereddata)) of described inquiry to obtain described continuous data, and can store the continuous data that is obtained.
17. as require 15 described methods, it is characterized in that, comprise, if described client computer can not be constructed described inquiry to comprise in the described continuous data storehouse the continuous data from all accumulations of the determined MID of selected certificate of measurement and weight, then construct described inquiry to comprise that further one is provided with the partial data sign.
18. method as claimed in claim 14 is characterized in that, comprises receiving described response, described response comprises:
The MID that illustrates in the described inquiry;
The affairs ID that illustrates in the described inquiry (TID); And
At least a portion of the selected continuous data of illustrating in the described inquiry.
19. method as claimed in claim 18, it is characterized in that, comprise, if described inquiry comprises that one is provided with the partial data sign, then receive and comprise that further one is provided with the described response of partial data sign, the described partial data sign that is provided with is represented, the described inquiry of described clients construct is to comprise in the described continuous data storehouse the continuous data from all accumulations of the determined MID of selected certificate of measurement and weight, and, described client computer therefore have about described inquiry determine that the other continuous data of MID will report to described metering service.
20. method as claimed in claim 19 is characterized in that, comprises, if described response comprises the described partial data sign that is provided with:
Select at least a portion of having in the described continuous data storehouse from the other continuous data of the determined MID of selected certificate of measurement and weight;
Based on selected other continuous data and selected certificate of measurement and weight, construct an other inquiry; And
The other inquiry of being constructed is sent to described metering service.
CNB2005100667073A 2004-04-23 2005-04-22 Metering accessing of content in a content protection system or its analog Active CN100442194C (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/830,632 2004-04-23
US10/830,632 US7266569B2 (en) 2004-04-23 2004-04-23 Metering accessing of content and the like in a content protection system or the like

Publications (2)

Publication Number Publication Date
CN1690913A true CN1690913A (en) 2005-11-02
CN100442194C CN100442194C (en) 2008-12-10

Family

ID=34939188

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2005100667073A Active CN100442194C (en) 2004-04-23 2005-04-22 Metering accessing of content in a content protection system or its analog

Country Status (10)

Country Link
US (1) US7266569B2 (en)
EP (1) EP1594033B1 (en)
JP (1) JP4101249B2 (en)
KR (1) KR101120777B1 (en)
CN (1) CN100442194C (en)
AU (1) AU2005201602B2 (en)
BR (1) BRPI0501366A (en)
CA (1) CA2505295C (en)
MX (1) MXPA05004357A (en)
RU (1) RU2367014C2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102708312A (en) * 2006-07-07 2012-10-03 微软公司 Over-the-air delivery of metering certificates and data

Families Citing this family (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7103574B1 (en) * 1999-03-27 2006-09-05 Microsoft Corporation Enforcement architecture and method for digital rights management
US7370212B2 (en) 2003-02-25 2008-05-06 Microsoft Corporation Issuing a publisher use license off-line in a digital rights management (DRM) system
US20060242406A1 (en) 2005-04-22 2006-10-26 Microsoft Corporation Protected computing environment
US8347078B2 (en) 2004-10-18 2013-01-01 Microsoft Corporation Device certificate individualization
US20060089917A1 (en) * 2004-10-22 2006-04-27 Microsoft Corporation License synchronization
US8336085B2 (en) 2004-11-15 2012-12-18 Microsoft Corporation Tuning product policy using observed evidence of customer behavior
US8176564B2 (en) 2004-11-15 2012-05-08 Microsoft Corporation Special PC mode entered upon detection of undesired state
US8464348B2 (en) * 2004-11-15 2013-06-11 Microsoft Corporation Isolated computing environment anchored into CPU and motherboard
US8438645B2 (en) * 2005-04-27 2013-05-07 Microsoft Corporation Secure clock with grace periods
US8738536B2 (en) * 2005-04-14 2014-05-27 Microsoft Corporation Licensing content for use on portable device
US8725646B2 (en) 2005-04-15 2014-05-13 Microsoft Corporation Output protection levels
US9363481B2 (en) 2005-04-22 2016-06-07 Microsoft Technology Licensing, Llc Protected media pipeline
US9436804B2 (en) 2005-04-22 2016-09-06 Microsoft Technology Licensing, Llc Establishing a unique session key using a hardware functionality scan
US20060265758A1 (en) 2005-05-20 2006-11-23 Microsoft Corporation Extensible media rights
US8353046B2 (en) 2005-06-08 2013-01-08 Microsoft Corporation System and method for delivery of a modular operating system
US20070257813A1 (en) * 2006-02-03 2007-11-08 Silver Spring Networks Secure network bootstrap of devices in an automatic meter reading network
KR100846508B1 (en) * 2006-12-22 2008-07-17 삼성전자주식회사 Method, device, and system for digital rights management
JP4981926B2 (en) * 2007-01-15 2012-07-25 コーニンクレッカ フィリップス エレクトロニクス エヌ ヴィ Playback device with conditional playback
KR20090015292A (en) * 2007-08-08 2009-02-12 삼성전자주식회사 Method of offering information in a portable terminal and an apparatus thereof
US20090327059A1 (en) * 2008-06-25 2009-12-31 Microsoft Corporation Digital rights management support for metering in advertising scenarios
US9053482B2 (en) * 2011-05-24 2015-06-09 Amazon Technologies, Inc. Service for managing digital content licenses
US8621650B2 (en) * 2011-10-25 2013-12-31 Alcatel Lucent Verification of content possession by an announcing peer in a peer-to-peer content distribution system
US10325329B2 (en) 2014-12-12 2019-06-18 Mcafee, Inc. Smart home security of metered data using a mask
FR3038415B1 (en) * 2015-07-01 2017-08-11 Viaccess Sa METHOD FOR PROVIDING PROTECTED MULTIMEDIA CONTENT
US11128482B2 (en) * 2019-04-19 2021-09-21 Microsoft Technology Licensing, Llc Metering cloud workloads at edge computing devices

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5715403A (en) 1994-11-23 1998-02-03 Xerox Corporation System for controlling the distribution and use of digital works having attached usage rights where the usage rights are defined by a usage rights grammar
DE69638018D1 (en) * 1995-02-13 2009-10-15 Intertrust Tech Corp Systems and procedures for managing secure transactions and protecting electronic rights
DE19733605A1 (en) * 1997-07-29 1999-02-04 Francotyp Postalia Gmbh Procedure for billing shipping services
US6199068B1 (en) * 1997-09-11 2001-03-06 Abb Power T&D Company Inc. Mapping interface for a distributed server to translate between dissimilar file formats
US7024393B1 (en) 1999-03-27 2006-04-04 Microsoft Corporation Structural of digital rights management (DRM) system
US7103574B1 (en) 1999-03-27 2006-09-05 Microsoft Corporation Enforcement architecture and method for digital rights management
US6721713B1 (en) * 1999-05-27 2004-04-13 Andersen Consulting Llp Business alliance identification in a web architecture framework
US8271336B2 (en) * 1999-11-22 2012-09-18 Accenture Global Services Gmbh Increased visibility during order management in a network-based supply chain environment
US6772340B1 (en) 2000-01-14 2004-08-03 Microsoft Corporation Digital rights management system operating on computing device and having black box tied to computing device
JP4356226B2 (en) * 2000-09-12 2009-11-04 ソニー株式会社 Server apparatus, distribution system, distribution method, and terminal apparatus
US7284188B2 (en) * 2002-03-29 2007-10-16 Sony Corporation Method and system for embedding MPEG-7 header data to improve digital content queries

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102708312A (en) * 2006-07-07 2012-10-03 微软公司 Over-the-air delivery of metering certificates and data
US9009077B2 (en) 2006-07-07 2015-04-14 Microsoft Technology Licensing, Llc Over-the-air delivery of metering certificates and data
CN102708312B (en) * 2006-07-07 2015-07-29 微软公司 For the method for the aerial transmission of certificate of measurement and weight and data

Also Published As

Publication number Publication date
CA2505295A1 (en) 2005-10-23
BRPI0501366A (en) 2006-12-12
US20060010076A1 (en) 2006-01-12
MXPA05004357A (en) 2005-10-27
JP4101249B2 (en) 2008-06-18
AU2005201602B2 (en) 2010-05-20
EP1594033A2 (en) 2005-11-09
JP2005317009A (en) 2005-11-10
KR101120777B1 (en) 2012-03-23
RU2367014C2 (en) 2009-09-10
CA2505295C (en) 2015-06-23
US7266569B2 (en) 2007-09-04
RU2005112105A (en) 2006-10-27
CN100442194C (en) 2008-12-10
AU2005201602A1 (en) 2005-11-10
KR20060047435A (en) 2006-05-18
EP1594033A3 (en) 2006-11-15
EP1594033B1 (en) 2020-03-18

Similar Documents

Publication Publication Date Title
CN1690913A (en) Metering accessing of content in a content protection system or its analog
US10423764B2 (en) Methods, systems, and apparatus for fragmented file sharing
CN1221907C (en) Content application administrative system and its method
CN1802813A (en) User terminal for receiving license
CN1795452A (en) Information server, information device, information processing system, information processing method, and information processing program
CN1961370A (en) Method and apparatus for playing back content based on digital rights management, and portable storage
CN1550995A (en) Issuing a digital rights management (DRM) license for content based on cross-forest directory information
CN1525682A (en) Issuing a publisher use license off-line in a digital rights management (DRM) system
JP2004046833A (en) Publishing of contents related to digital copyright management (drm) system
CN1462397A (en) Method of protecting and managing digital contents and system for using thereof
CN1698041A (en) Information device, information server, information processing system, information processing method, and information processing program
US7856404B2 (en) Playlist burning in rights-management context
CN1531253A (en) Server for managing registered/subregistered digit power in DRM structure
CN1542582A (en) Tying a digital license to a user and tying the user to multiple computing devices in a digital rights management (DRM) system
US20080288411A1 (en) Methods, media, and systems for tracking and encrypting content usage
CN1873652A (en) Device and method for protecting digit content, and device and method for processing protected digit content
CN1691574A (en) Rendering protected digital content within a network of computing devices or the like
CN1467642A (en) Data protection program and data protection method
CN1568447A (en) Server device and program management system
CN1310157C (en) Apparatus and method for information processing, recording medium, and program
CN1650303A (en) Networked services licensing system and method
CN101075278A (en) Method for presenting digital content use authorization and authorization releaser
JP2006195740A (en) Management apparatus
CN1820447A (en) System and method for controlling rights expressions by stake holders of item

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
ASS Succession or assignment of patent right

Owner name: MICROSOFT TECHNOLOGY LICENSING LLC

Free format text: FORMER OWNER: MICROSOFT CORP.

Effective date: 20150507

C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20150507

Address after: Washington State

Patentee after: Micro soft technique license Co., Ltd

Address before: Washington State

Patentee before: Microsoft Corp.